REMARKS

The Examiner has rejected Claims 14-17, 28, and 30 under 35 U.S.C. 101 because the 
claimed invention is directed to non-statutory subject matter. Such rejection is deemed moot in 
view of the clarifications made hereinabove to such claims. 

The Examiner has further rejected Claims 1, 11, 13, 14, 24, 26, and 28-30 under 35 
U.S.C. 103(a) as being unpatentable over Chang et al. (U.S. Patent No.: 6,526,433) in view of 
Kingsford et al. (U.S. Patent No.: 6,574,737). Applicant respectfully disagrees with such 
rejection, especially in view of the amendments made hereinabove. 

To establish a prima facie case of obviousness, three basic criteria must be met. First, 
there must be some suggestion or motivation, either in the references themselves or in the 
knowledge generally available to one of ordinary skill in the art, to modify the reference or to 
combine reference teachings. Second, there must be a reasonable expectation of success. 
Finally, the prior art reference (or references when combined) must teach or suggest all the claim 
limitations. The teaching or suggestion to make the claimed combination and the reasonable 
expectation of success must both be found in the prior art and not based on applicant's 
disclosure. In re Vaeck, 947 F.2d 488, 20 USPQ2d 1438 (Fed. Cir. 1991). Applicant respectfully 
asserts that at least the first and third elements of the prima facie case of obviousness have not 
been met. 

With respect to the first element of the prima facie case of obviousness, the Examiner 
states that it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use the risk-assessment scan disclosed by Kingsford et al. in combination 
with the variable time out duration method disclosed by Chang et al. Applicant respectfully 
disagrees with this proposition, especially in view of the vast evidence to the contrary. 

For example, Chang relates to a system for dynamically setting timeouts, while Kingsford 
relates to a system for finding network vulnerabilities. To simply glean features from a system 
for finding network vulnerabilities, such as that of Kingsford, and combine the same with the 
non-analogous art of systems for dynamically setting timeouts, such as that of Chang, would 
simply be improper. Systems for finding network vulnerabilities identify vulnerabilities in 
networks, while systems for dynamically setting timeouts set binding handle-related timeouts. 
"In order to rely on a reference as a basis for rejection of an applicant's invention, the reference 
must either be in the field of applicant's endeavor or, if not, then be reasonably pertinent to the 
particular problem with which the inventor was concerned." In re Oetiker, 977 F.2d 1443, 1446, 
24 USPQ2d 1443, 1445 (Fed. Cir. 1992). See also In re Deminski, 796 F.2d 436, 230 USPQ 313 
(Fed. Cir. 1986); In re Clay, 966 F.2d 656, 659, 23 USPQ2d 1058, 1060-61 (Fed. Cir. 1992). In 
view of the vastly different types of problems a system for finding network vulnerabilities 
addresses as opposed to a system for dynamically setting binding handle-related timeouts, the 
Examiner's proposed combination is inappropriate. 

Thus, contrary to the Examiner's arguments, applicant's claimed feature would have been 
unobvious in view of the Chang-Kingsford combination, since the timeouts of Chang relate to 
binding handles that are used to point to a data structure that comprises general information that 
allows an application client and an application server to communicate to each other through 
remote procedure calls. The general information that makes up such data structure includes a 
host name and port number, the application functions that the server provides, the low level 
network protocol (TCP, UDP, etc.) that is being supported, etc. Thus, the timeouts of Chang 
teach away from any sort of risk assessment, etc. In re Hedges, 783 F.2d 1038, 228 USPQ 685 
(Fed. Cir. 1986). 

More importantly, with respect to the third element of the prima facie case of 
obviousness, the Examiner relies on the following excerpt from Kingsford (in combination with 
Chang) to meet applicant's claimed "performing a timeout prior to making a determination that 
the target is failing to respond to the risk-assessment scan." 

"These and other objects are also achieved by providing a method of 
performing a penetration test on a computer network, comprising 
performing a first computer network scan to gather information about a 
secured network resource in the computer network; performing a second 
computer network scan to gather information about a second secured 
network resource in the computer network; and automatically sharing 
output data from the first computer network scan with the second 
computer network scan." (see col. 2, lines 35-43) 
Such excerpt merely suggests vulnerability detection. There is not even a suggestion (in 
either of the cited references) of "performing a timeout prior to making a determination that the 
target is failing to respond to the risk-assessment scan" (emphasis added). Only applicant 
teaches such a timeout under such specific condition, namely prior to making a determination 
that the target is failing to respond to the risk-assessment scan. 

Applicant respectfully asserts that at least the third element of the prima facie case of 
obviousness has not been met since the prior art references, when combined, fail to teach or 
suggest all of the claim limitations, as noted above. 

Nevertheless, despite the paramount differences highlighted above and in the spirit of 
expediting the prosecution of the present application, applicant has amended each of the 
independent claims to include the following subject matter (found in previous Claim 13 et al.): 

"performing a risk-assessment scan-related timeout prior to making a determination that 
the target is failing to respond to the risk-assessment scan ... 

wherein the risk-assessment scan is abandoned if the target fails to respond to the risk- 
assessment scan within the variable duration" (emphasis added). 

The Examiner has relied on the aforementioned excerpt from Kingsford to make a prior 
art showing of such claimed features. However, it is clear that neither Chang nor Kingsford even 
suggest a risk-assessment scan-related timeout, let alone the abandonment of a risk-assessment 
scan if the target fails to respond to the risk-assessment scan within an associated variable 
duration. 



Again, applicant respectfully asserts that at least the third element of the prima facie case 
of obviousness has not been met. A notice of allowance or a specific prior art showing of all of 
applicant's claim limitations, in combination with the remaining claim elements, is respectfully 
requested. 

With respect to the dependent claims, applicant has carefully reviewed the excerpts relied 
upon by the Examiner to reject the same, and has found serious deficiencies in the Examiner's 
application of the prior art. Just by way of example, the Examiner relies on the foregoing 
excerpt from Kingsford to meet applicant's claimed "wherein the timeout is performed for each 
of the risk-assessment scan modules" (see Claim 11 et al.). However, such excerpt and the 
remaining cited references do not even suggest a risk-assessment scan-related timeout, let alone 
separate timeouts for each of a plurality of risk-assessment scan modules. 

Still yet, the Examiner relies on the following excerpt from Chang to meet applicant's 
claimed "wherein the timeout is set by adding a default value with a variable value which is set 
as a function of the measured network condition" (see Claim 8 et al.), and "wherein the timeout 
is set by multiplying a default value with a variable factor which is set as a function of the 
measured network conditions" (see Claim 9 et al.). 

"The pre-defined methods in blocks 80 and 82 are each not limited to 
any specific method, and any suitable method may be used for 
[illegible] value. For example, such method may 
be that the optimal value is calculated from a simple formula such as 
two times the largest value (i.e. largest response time) in the 
response time array. Another such method may involve a more complicated 
[illegible] in which the optimal value is obtained from some type of 
heuristics or statistics calculation. An example of such heuristics or 
statistics calculation may involve tracking and obtaining the most 
recent twenty-five (25) elements or values (i.e. the last 25 [illegible] 
standard deviations are computed for these response time values. The optimal 
value is obtained as the sum of the average plus three standard 
deviations. Of course, the "quality" of the pre-defined method 
determines how fine the timeout value is able to be tuned to reflect 
[illegible] Choice of method also determines the size 
of the array. In the first example, the size of the array is just one 
because only the largest value needs to be tracked and stored. In the 
second example, the size of the array needs to be twenty five in order 
[illegible] of the twenty-five most recent RPC response times." 

(see col. 6, line 49 - col. 7, line 5) 

After carefully reviewing such excerpts and the remaining Chang reference, however, it 
is clear that such excerpt and the remaining cited references do not even suggest a default value, 
let alone adding a default value with a variable value, or multiplying a default value with a 
variable factor. 

Again, applicant respectfully asserts that at least the third element of the prima facie case 
of obviousness has not been met. A notice of allowance or a specific prior art showing of all of 
applicant's claim limitations, in combination with the remaining claim elements, is respectfully 
requested. 

Still yet, applicant brings to the Examiner's attention the following additional dependent 
claims that have been added for full consideration: 



"wherein the timeout is set by the following algorithm: 

if $R_{\text{actual}}$ is < or > $R_{\text{default}}$ by ($R_{\text{default}} * F$), 

then $T_{\text{actual}} = T_{\text{default}} + R_{\text{actual}} * N$; 

else $T_{\text{actual}} = T_{\text{default}}$; and 

where: 

$R_{\text{default}}$ = default response duration, 
$R_{\text{actual}}$ = actual response duration, 
$T_{\text{default}}$ = default timeout value, 
$T_{\text{actual}}$ = actual timeout value, 
$F$ = deviation factor, and 
$N$ = normalizing factor" (see Claim 31); 



"wherein the timeout is set utilizing a plurality of network condition probes that gather 
multiple network condition measurements on a single target" (see Claim 32); 

"wherein the measured network conditions are measured for an entire network segment 
on which a plurality of target components is located" (see Claim 33); and 

"wherein the source is capable of reducing a latency of the risk-assessment scan by 
setting the variable duration to a minimal value, while avoiding the abandonment of 
vulnerable systems reachable over high latency networks by increasing the variable 
duration to accommodate such scenarios" (see Claim 34). 

Yet again, a notice of allowance or a specific prior art showing of all of applicant's claim 
limitations, in combination with the remaining claim elements, is respectfully requested. 

In the event a telephone conversation would expedite the prosecution of this application, 
the Examiner may reach the undersigned at (408) 971-2573. For payment of any additional fees 
due in connection with the filing of this paper, the Commissioner is authorized to charge such 
fees to Deposit Account No. 50-1351 (Order No. NAI1P008/01.113.01). 



Respectfully submitted, 



By: 



Kevin J. Zilk 
Reg. No. 41,42 




Date 



Zilka-Kotab, PC 

P.O. Box 721120 

San Jose, California 95172-1120 

Telephone: (408) 971-2573 